Dave Kearns: I’m from Microsoft, and I’m here to help you

Microsoft Corp. recently announced its Palladium initiative, which will provide features in the Windows operating system tied to features of the computer’s chipset to establish identity-based management of the PC. Not surprisingly, this was announced to Newsweek rather than to the technology press. I say not surprisingly because this system is even less user-friendly than the Intel idea to embed identification numbers in CPUs that was shot down three years ago, and the general press is less equipped to ask the tough questions about new technologies.

Microsoft is touting the new technology as a stepping stone to digital rights management, but it’s more than that. Not only would copyright holders (especially music and video copyright holders) obtain a way to control licensing of material, but the producer and users of any content would be able to be tracked – it would be relatively easy to find out who wrote which e-mail and who read or viewed each document. Anonymity would definitely be a thing of the past.

But Manferdelli, the general manager for the project, wants you to think that this is a boon to users, increasing their security and privacy. That’s hogwash, or worse.

Privacy is not enhanced when everything you type at the keyboard can be traced back to you. And as for security, that promise quickly is proving to be illusory.

Microsoft’s competitors, quite rightly, are wailing that this smacks of yet another monopolistic practice. They say it would be easy to build into this architecture “security” checks that only Microsoft (or Microsoft-licensed) applications could pass. To allay these fears, Microsoft is considering publishing the source code to Palladium.

While publishing the source code might assuage Microsoft’s competitors, it would be a boon to the crackers who want to find a way to evade the security system. The locks on your door and an alarm system aren’t much help against a burglar armed with the system’s blueprints!

There needs to be better security for our computers, but the bulk of the security problems are caused by Microsoft applications, not by the operating system. Fix the flaws in the apps, Redmond, then try to develop security-conscious apps. Security is important, but not important enough to give up all of my privacy.

Kearns, a former network administrator, is a freelance writer and consultant in Silicon Valley. He can be reached at wired@vquill.com.